Hi Mark!
Thank you so much for answering.
I think that the process of issuing a new ca cert (for replacing the old
ca cert with a new a certificate with more bits and better signing
algorithms) should be :
- Generate in the own ca a new ca cert.
- Replace in openssl.conf which ca cert and c
NIST-800-131a deprecated SHA1 signatures in January of 2013 along with
RSA1024 bit keys. You should be issuing certificates with at least
RSA2048 with SHA2 signatures, and preferably at least RSA3072 with SHA-
384 signatures and if you are re-issuing CA certs more bits is better.
Nothing was said
Please ignore the line below I said regards in my previous mail... it's
there by error...
cheers!
El 2022-05-12 17:38, ego...@ramattack.net escribió:
> Good afternoon,
>
> I'm running a CA, for generating the certificates for the backup clients of
> my network and for the backup servers too.
Good afternoon,
I'm running a CA, for generating the certificates for the backup clients
of my network and for the backup servers too. The certificates are used
for encrypting the backups stored in the servers and too, for
comunicating over TLS between severs and clients.
This CA has some years